General

  • Target

    2024-06-10_224eda8a1cad384e3518193032fc246d_cryptolocker

  • Size

    95KB

  • Sample

    240610-1anqsa1cka

  • MD5

    224eda8a1cad384e3518193032fc246d

  • SHA1

    225a06c513d5c4e429bbf83b156c6074b949b27f

  • SHA256

    64de5858c53759a7eb681f92a08ca89fc0e8ddeb2d4b639f40e2987cca1ef554

  • SHA512

    68a8bd42ad73a7a82ee4759d9205944f551d51b6bf923b60ce266c8aaf16a17421ff308a6c250a4fe6ae574919a07e310d057d9759f4069b074ac2bca68ff470

  • SSDEEP

    1536:zj+soPSMOtEvwDpj4ktBl01hJl8QAPM8Ho6cRDjgx/kZ:zCsanOtEvwDpjBG

Score
10/10
upx

Targets

    • Target

      2024-06-10_224eda8a1cad384e3518193032fc246d_cryptolocker

    • Size

      95KB

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
